From 90cf5d1ff99ea4fa95158ff4cc590b6692e39350 Mon Sep 17 00:00:00 2001 From: kat witch Date: Sun, 29 Aug 2021 04:54:47 +0100 Subject: [PATCH] Removed defunct modules + services. README update. Monitoring fix. --- README.md | 53 ++++++++ config/hosts/athame/nixos.nix | 9 ++ config/modules/home/default.nix | 2 - config/modules/home/fvwm.nix | 9 -- config/modules/home/vim.nix | 201 ---------------------------- config/modules/nixos/monitoring.nix | 10 +- config/services/loki/default.nix | 62 --------- 7 files changed, 67 insertions(+), 279 deletions(-) delete mode 100644 config/modules/home/fvwm.nix delete mode 100644 config/modules/home/vim.nix delete mode 100644 config/services/loki/default.nix diff --git a/README.md b/README.md index 2ade3085..a6236a86 100644 --- a/README.md +++ b/README.md @@ -9,6 +9,8 @@ These are the NixOS configurations for my systems. I run nothing other than NixO * [Nodes](#nodes) * [Profiles](#profiles) * [User Profiles](#user-profiles) +* [Services](#services) +* [Modules](#modules) * [CI](#ci) * [Dependencies](#dependencies) * [Commands](#commands) 
@@ -45,6 +47,57 @@ These are the NixOS configurations for my systems. I run nothing other than NixO | [services](config/users/kat/services) | User services. weechat and mpd are provided. | | [sway](config/users/kat/sway) | sway, i3gopher, swayidle, swaylock-effects, screenshot tool, [kittywitch/konawall-rs](https://github.com/kittywitch/konawall-rs), mako, wofi, waybar and xkb (custom layout o:) configuration. | +## Services + +| Service | Description | +| --- | --- | +| [filehost](config/services/filehost/default.nix) | I sling things in here via SSH/SCP. | +| [fusionpbx](config/services/fusionpbx/default.nix) | FusionPBX. Fancy PBX. | +| [gitea](config/services/gitea/default.nix) | Self-hosted git with mail support. | +| [jellyfin](config/services/jellyfin/default.nix) | HTPC/NAS stuff. | +| [katsplash](config/services/katsplash/default.nix) | A splash screen for some hosts. | +| [kattv-ingest](config/services/kattv-ingest/default.nix) | Takes data from kattv, slings to RTMP. | +| [kattv](config/services/kattv/default.nix) | Takes data from a webcam, slings to kattv-ingest. | +| [logrotate](config/services/logrotate/default.nix) | Rotates logs! | +| [mail](config/services/mail/default.nix) | [nixos-mailserver](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver). | +| [matrix](config/services/matrix/default.nix) | Synapse and some appservices. Need to migrate the appservice configs in. | +| [murmur](config/services/murmur/default.nix) | Mumble! | +| [nfs](config/services/nfs/default.nix) | Network filesy stuff. | +| [nginx](config/services/nginx/default.nix) | Our NGINX preset configs. | +| [postgres](config/services/postgres/default.nix) | Database of choice. | +| [radicale](config/services/radicale/default.nix) | CalDAV, integrated with the mail service. | +| [restic](config/services/restic/default.nix) | Backups! | +| [syncplay](config/services/syncplay/default.nix) | Watching videos with friends and lovers. Usually, lovers. 
| +| [taskserver](config/services/taskserver/default.nix) | Taskwarrior server. | +| [transmission](config/services/transmission/default.nix) | Linux distros, I swear. | +| [tvheadend](config/services/tvheadend/default.nix) | DVB-T ingest for Jellyfin and so on! | +| [vaultwarden](config/services/vaultwarden/default.nix) | Passwords! | +| [website](config/services/website/default.nix) | Our personal website. | +| [xmpp](config/services/xmpp/default.nix) | Prosody. | +| [zfs](config/services/zfs/default.nix) | ZFS snapshot settings. | +| [znc](config/services/znc/default.nix) | IRC bouncer! | + +## Modules + +This list will include the modules provided by [kittywitch/nixexprs](https://github.com/kittywitch/nixexprs) as "katexprs". + +| Module | Domain | Description | +| --- | --- | --- | +| [arcnmx/nixexprs](https://github.com/arcnmx/nixexprs) | NixOS + home-manager | We use... a lot of these. Syncplay, modprobe, base16, i3gopher, weechat, konawall, shell and probably more. | +| [arcnmx/tf-nix](https://github.com/arcnmx/tf-nix) | Meta + NixOS + home-manager | Deployment, secrets and terraform. | +| [nix-community/impermanence](https://github.com/nix-community/impermanence) | NixOS + home-manager | Erase your darlings. | +| katexprs/nftables | NixOS | Uses nftables for the NixOS firewall module. | +| katexprs/firewall | NixOS + home-manager | Per-"domain" (private, public) -> interface abstractions for the firewall. Easier to remember. | +| katexprs/network (WIP) | NixOS + home-manager | Network abstractions. Handles DNS + certs, among virtualHosts. | +| katexprs/fusionpbx (WIP) | NixOS | FusionPBX. | +| nixfiles/secrets | Meta + NixOS + home-manager | Helper for tf-nix's secrets. | +| nixfiles/deploy | Meta + NixOS + home-manager | tf-nix deployment integration | +| nixfiles/network | Meta | Enables node to host config assignment & NixOS module. | +| nixfiles/dyndns | NixOS | Dynamic DNS using [glauca.digital](https://glauca.digital). 
| +| nixfiles/monitoring | NixOS | Grafana, Prometheus, Loki, node-exporter, netdata, promtail, ... | +| nixfiles/theme | home-manager | Abstractions for themes. SASS templating. | +| hexchen/yggdrasil | NixOS | Yggdrasil ease of use module. | + ## CI CI for this repository uses [arcnmx/ci](https://github.com/arcnmx/ci) and aims to achieve two goals: diff --git a/config/hosts/athame/nixos.nix b/config/hosts/athame/nixos.nix index 020fdf7e..2d84b281 100644 --- a/config/hosts/athame/nixos.nix +++ b/config/hosts/athame/nixos.nix @@ -33,6 +33,15 @@ with lib; server.enable = true; }; + services.prometheus = { + scrapeConfigs = [ + { + job_name = "boline"; + static_configs = [{ targets = [ "boline.${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}:8002" ]; }]; + } + ]; + }; + # Terraform deploy.tf = { diff --git a/config/modules/home/default.nix b/config/modules/home/default.nix index 77c21975..88269feb 100644 --- a/config/modules/home/default.nix +++ b/config/modules/home/default.nix @@ -6,8 +6,6 @@ (import (sources.arcexprs + "/modules")).home-manager (import (sources.katexprs + "/modules")).home (import (sources.impermanence + "/home-manager.nix")) - ./vim.nix - ./fvwm.nix ./deploy.nix ./theme.nix ./secrets.nix diff --git a/config/modules/home/fvwm.nix b/config/modules/home/fvwm.nix deleted file mode 100644 index 4c60ecef..00000000 --- a/config/modules/home/fvwm.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, lib, ... }: - -with lib; - -{ - options.programs.fvwm = { - enable = mkEnableOption "Enable FVWM"; - }; -} diff --git a/config/modules/home/vim.nix b/config/modules/home/vim.nix deleted file mode 100644 index 2bf91da5..00000000 --- a/config/modules/home/vim.nix +++ /dev/null 
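Review bot: The new `boline` job in `services.prometheus.scrapeConfigs` scrapes port 8002 with no comment saying what listens there, and nothing visible in this commit opens that port; the client block in monitoring.nix opens only 19999 and 9002. If boline's private firewall does not admit 8002, the target will simply show as down, so the rule that opens it is worth pointing to from here. The host name is also assembled by hand from `yggdrasil.prefix` and `dns.domain`, repeating what `kw.monitoring.server.domainPrefix` now holds. Assuming `cfg` in monitoring.nix is `config.kw.monitoring`, `targets = [ "boline${config.kw.monitoring.server.domainPrefix}:8002" ]` would keep the two in step. I would also add a comment such as `# boline: <service name> metrics on 8002; port opened in boline's host config`.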
@@ -1,201 +0,0 @@ -{ config, lib, pkgs, ... }: - -/* - This module: - * is from an unmerged PR from home-manager. - - See: https://github.com/nix-community/home-manager/pull/1745 -*/ - -with lib; - -let - - cfg = config.programs.vim; - defaultPlugins = [ pkgs.vimPlugins.vim-sensible ]; - - knownSettings = { - background = types.enum [ "dark" "light" ]; - backupdir = types.listOf types.str; - copyindent = types.bool; - directory = types.listOf types.str; - expandtab = types.bool; - hidden = types.bool; - history = types.int; - ignorecase = types.bool; - modeline = types.bool; - mouse = types.enum [ "n" "v" "i" "c" "h" "a" "r" ]; - mousefocus = types.bool; - mousehide = types.bool; - mousemodel = types.enum [ "extend" "popup" "popup_setpos" ]; - number = types.bool; - relativenumber = types.bool; - shiftwidth = types.int; - smartcase = types.bool; - tabstop = types.int; - undodir = types.listOf types.str; - undofile = types.bool; - }; - - vimSettingsType = types.submodule { - options = - let - opt = name: type: - mkOption { - type = types.nullOr type; - default = null; - visible = false; - }; - in - mapAttrs opt knownSettings; - }; - - setExpr = name: value: - let - v = - if isBool value then - (if value then "" else "no") + name - else - "${name}=${ - if isList value then concatStringsSep "," value else toString value - }"; - in - optionalString (value != null) ("set " + v); - - plugins = - let - vpkgs = pkgs.vimPlugins; - getPkg = p: - if isDerivation p then - [ p ] - else - optional (isString p && hasAttr p vpkgs) vpkgs.${p}; - in - concatMap getPkg cfg.plugins; - -in -{ - options = { - programs.vim = { - enable = mkEnableOption "Vim"; - - package = mkOption { - type = types.package; - default = pkgs.vim_configurable; - defaultText = literalExample "pkgs.vim_configurable"; - description = "The package to use for the vim binary."; - }; - - finalPackage = mkOption { - type = types.package; - visible = false; - readOnly = true; - description = "Resulting customized 
vim package."; - }; - - plugins = mkOption { - type = with types; listOf (either str package); - default = defaultPlugins; - example = literalExample "[ pkgs.vimPlugins.YankRing ]"; - description = '' - List of vim plugins to install. To get a list of supported plugins run: - nix-env -f '<nixpkgs>' -qaP -A vimPlugins. - - - - Note: String values are deprecated, please use actual packages. - ''; - }; - - settings = mkOption { - type = vimSettingsType; - default = { }; - example = literalExample '' - { - expandtab = true; - history = 1000; - background = "dark"; - } - ''; - description = '' - At attribute set of Vim settings. The attribute names and - corresponding values must be among the following supported - options. - - - ${concatStringsSep "\n" (mapAttrsToList (n: v: '' - - ${n} - ${v.description} - - '') knownSettings)} - - - See the Vim documentation for detailed descriptions of these - options. Note, use extraConfig to - manually set any options not listed above. - ''; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - example = '' - set nocompatible - set nobackup - ''; - description = "Custom .vimrc lines"; - }; - - }; - }; - - config = ( - let - customRC = '' - ${concatStringsSep "\n" (filter (v: v != "") (mapAttrsToList setExpr - (builtins.intersectAttrs knownSettings cfg.settings)))} - - ${cfg.extraConfig} - ''; - - vim = cfg.package.customize { - name = "vim"; - vimrcConfig = { - inherit customRC; - - packages.home-manager.start = plugins; - }; - }; - in - mkIf cfg.enable { - assertions = - let - packagesNotFound = - filter (p: isString p && (!hasAttr p pkgs.vimPlugins)) cfg.plugins; - in - [{ - assertion = packagesNotFound == [ ]; - message = "Following VIM plugin not found in pkgs.vimPlugins: ${ - concatMapStringsSep ", " (p: ''"${p}"'') packagesNotFound - }"; - }]; - - warnings = - let stringPlugins = filter isString cfg.plugins; - in - optional (stringPlugins != [ ]) '' - Specifying VIM plugins using strings is deprecated, 
found ${ - concatMapStringsSep ", " (p: ''"${p}"'') stringPlugins - } as strings. - ''; - - home.packages = [ cfg.finalPackage ]; - - programs.vim = { - finalPackage = vim; - plugins = defaultPlugins; - }; - } - ); -} diff --git a/config/modules/nixos/monitoring.nix b/config/modules/nixos/monitoring.nix index 9b888cec..a540ae1f 100644 --- a/config/modules/nixos/monitoring.nix +++ b/config/modules/nixos/monitoring.nix @@ -27,7 +27,7 @@ in }; config = mkMerge [ ({ - kw.monitoring.server.domainPrefix = ".${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}:19999"; + kw.monitoring.server.domainPrefix = ".${config.network.addresses.yggdrasil.prefix}.${config.network.dns.domain}"; }) (mkIf cfg.server.loki { network.firewall.private.tcp.ports = [ 3100 ]; @@ -89,7 +89,7 @@ in }; }) (mkIf cfg.server.enable { - network.firewall.private.tcp.ports = [ 9002 ]; + network.firewall.private.tcp.ports = [ 9090 ]; kw.secrets = [ "grafana-admin-pass" @@ -145,20 +145,20 @@ in metrics_path = "/api/v1/allmetrics"; honor_labels = true; params = { format = [ "prometheus" ]; }; - static_configs = singleton { targets = singleton "${hostName}.${cfg.server.domainPrefix}:19999"; }; + static_configs = singleton { targets = singleton "${hostName}${cfg.server.domainPrefix}:19999"; }; }) nd_configs ++ mapAttrsToList (hostName: prom: { job_name = hostName; static_configs = singleton { - targets = [ "${hostName}.${cfg.server.domainPrefix}:${toString prom.port}" ]; + targets = [ "${hostName}${cfg.server.domainPrefix}:${toString prom.port}" ]; }; }) prom_configs; }; }) (mkIf cfg.client.enable { - network.firewall.private.tcp.ports = [ 19999 ]; + network.firewall.private.tcp.ports = [ 19999 9002 ]; services.netdata.enable = true; diff --git a/config/services/loki/default.nix b/config/services/loki/default.nix deleted file mode 100644 index 1bcb6f51..00000000 --- a/config/services/loki/default.nix +++ /dev/null 
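Review bot: After this change `kw.monitoring.server.domainPrefix` holds a suffix that begins with a dot, and the scrape targets further down rely on that leading dot by writing `${hostName}${cfg.server.domainPrefix}` with no separator. The name now says the opposite of what the value is, so a comment at the assignment would help: `# DNS suffix appended to a host name; keeps the leading "."`. Renaming the option to something like `domainSuffix` would be cleaner, but its declaration is outside this hunk, so other users of it cannot be checked from here.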
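Review bot: Opening 9090 in `network.firewall.private.tcp.ports` inside the `cfg.server.enable` block exposes the Prometheus HTTP API, which has no authentication of its own, to every peer the private domain admits. If Grafana on the same host is the only consumer, the port may not need to be opened at all; if remote access is intended, a comment naming who needs it would record the decision. The literal can also drift from the service setting, so `network.firewall.private.tcp.ports = [ config.services.prometheus.port ];` is safer than a hard-coded number. The rest of the server block lies outside the hunk, so the listen address could not be checked.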
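Review bot: The client block now opens 19999 and 9002 as literals, while the server side builds its targets from `prom.port` per host, so the firewall rule and the scrape list can disagree as soon as one host uses a different exporter port. The netdata endpoint on 19999 serves without authentication by default, and presumably so does whatever exports on 9002, so the scope of the private domain is the only access control here. If that domain is limited to the monitoring network, a comment should say so, e.g. `# scraped by the monitoring server over yggdrasil only`. If 9002 is the node exporter, `config.services.prometheus.exporters.node.port` would tie the rule to the service; what listens on 9002 is not visible in this hunk.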
@@ -1,62 +0,0 @@ -{ config, pkgs, ... }: - -{ - #network.firewall.private.tcp.ports = [ 3100 ]; - services.loki = { - enable = false; - configuration = { - auth_enabled = false; - chunk_store_config = { max_look_back_period = "0s"; }; - ingester = { - chunk_idle_period = "1h"; - chunk_retain_period = "30s"; - chunk_target_size = 1048576; - lifecycler = { - address = "0.0.0.0"; - final_sleep = "0s"; - ring = { - kvstore = { store = "inmemory"; }; - replication_factor = 1; - }; - }; - max_chunk_age = "1h"; - max_transfer_retries = 0; - }; - limits_config = { - reject_old_samples = true; - reject_old_samples_max_age = "168h"; - }; - schema_config = { - configs = [{ - from = "2020-10-24"; - index = { - period = "24h"; - prefix = "index_"; - }; - object_store = "filesystem"; - schema = "v11"; - store = "boltdb-shipper"; - }]; - }; - compactor = { - working_directory = "/tmp/loki-compactor-boltdb"; - shared_store = "filesystem"; - }; - server = { http_listen_port = 3100; }; - storage_config = { - boltdb_shipper = { - active_index_directory = "/var/lib/loki/boltdb-shipper-active"; - cache_location = "/var/lib/loki/boltdb-shipper-cache"; - cache_ttl = "24h"; - shared_store = "filesystem"; - }; - filesystem = { directory = "/var/lib/loki/chunks"; }; - }; - table_manager = { - retention_deletes_enabled = false; - retention_period = "0s"; - }; - }; - }; - -}